Posts Tagged IT security

With more than 2.19 billion users worldwide, Facebook is one of the most popular social media website that comes with a promise to reconnect you with your family and friends. Given its high rising popularity, cyber criminals are targeting Facebook users each day.

In order to protect your Facebook logins from being compromised, it is first important to understand ways in which hackers can hack your Facebook account. Here we have listed few ways to help you gain an insight over this.

Facebook Phishing – It is one of the most common way for hacking a Facebook account. The hacker creates a fake login page that replicates a real one. The victim is then sent an email in which he/she is asked to login through that page. Once this is done, the hacker steals away victim’s username and password. They may use a person’s personal information to either harass them or earn money.

Mobile Hacking – Millions of people operate their Facebook accounts on mobile. A hacker can hack your Facebook account easily if he is able to gain access to your mobile phone. It can be done by using mobile spying software or by simply accessing the device.

Keylogging – A person can unknowingly fall victim of keylogging. In this attack, a program is installed on a person’s computer. When once this is done, it taps everything that a user types on one’s device. The login credentials are then sent to the hacker on his email address.

Man In The Middle Attack – This can happen when the victim and attacker are on the same network. The hacker alters the communication between server and user, steals away user’s credentials in between the channel and hacks victim’s Facebook account.

Browser Stealing – A lot of people store Facebook passwords in the browser which can prove to be really dangerous. No matter how convenient it seems, storing passwords in browser often opens up doors for hackers to hack your account. The only way out is to either avoid saving passwords in browser or use password manager. They can also launch a USB attack with an auto installed program that steals away all the passwords saved in browser.

Cybersecurity is a rising concern. The soaring high figures that represent cyberattacks have been a cause of worry for businesses as well as cybersecurity professionals.

Ransomwares and phishing attacks have been a great threat throughout. Cerber is a ransomware that came into picture when 150,000 window users were infected worldwide via exploit kits in July 2016 alone.

What Happens When An Attack Is Launched?

The victim receives an email which contains an infected Microsoft office document attached to it. A malware is injected as soon as the user clicks & opens it.

When a device is attacked by the ransomware, Cerber encrypts the user’s files and demands money to decrypt and get the access back. The malware encrypts files with RC4 and RSA algorithms and renames them with a .cerber extension.

How Do You Know That You Have Been Infected By Cerber?

You will come to know that you have been attacked by the ransomware, when you’ll find a desktop note the moment you log in. Ransom notes will also be left inside folders that have been encrypted by the malware.

Apart from giving a notice about your files being encrypted, it also provides instructions on how to send the ransom amount to the attackers. The amount keeps on increasing with time and ranges from few hundreds to a thousand dollars.

Is It Possible To Decrypt Files Encrypted By Cerber?

It may or may not be possible. Though decryption tools were available for previous versions of Cerber. However, there is very less scope of recovering encrypted files for the most recent versions. Even paying the ransom amount does not guarantee that you will be able to recover your files.

How To Prevent The Ransomware?

Once your files are encrypted it is very difficult to restore them. So it is best to take preventive measures well on time. Install a latest antivirus software. Also make sure that you do not open any link or attachment sent from an unknown source.

It Talks – Surprisingly, it is a malware that talks and speaks to the victims. Some versions contain VBScript due to which you may hear audio alerts and messages informing that your files have been encrypted and you must pay the ransom amount to decrypt them.

Works Offline – People might think that disconnecting the device may prevent files from being encrypted. However, this is not true as cerber does not need an active internet connection to operate.

Till date, passwords were the most widely used way for authentication and to keep critical information secure. However, given the present scenario and state of cyber security it can be stated that traditional password systems have not been able to meet the security challenge. As per a report by Verizon, 81% of data breaches in 2017 were either due to stolen or weak passwords.

What Is The Problem With Passwords?

First, passwords are not secure at all. A weak password can easily be guessed or hacked by the cyber attacker leaving the user’s confidential information at risk. Secondly, a strong password is formed by the combination of alphabets, numerals and symbols. With an intention to set a strong password that is not very easy to hack, people complicate it too much and quite often forget it (now that’s a valid paradox).

Thirdly, employees often expose the organization to risk due to their carelessness. Writing the passwords and sticking them up on their desks in order to remember and keep them handy is the most common mistake and is a serious security threat. Also, it is very difficult to remember so many passwords for different login credentials which is why an alternative to setting passwords is required.

Better Alternatives To Setting Passwords –
Biometrics – With things like Apple Touch ID, Face ID passwords, unlocking using fingerprints etc. biometrics has gradually ingrained itself into our lives. It is an excellent alternative to using passwords as it involves our unique biology which makes it difficult to forge or hack. From fingerprints, eye retina scans, face scan etc. are all widely being used by people today. Also with time, more and more devices are becoming compatible to biometric verification.
Two- Factor Authentication – It provides an added layer of security. It uses a piece of information that only the user knows apart from the username and password. Either a one-time password that is sent to the user on their mobile phone or a specific user information that only he/she knows makes it difficult for cyber criminals to hack the password.

Heart Rate – Another safe alternative is using a security technology that resorts to heart rates of a person. Now this is something that is quite difficult to hack as each person has a unique heartbeat.

Security Tokens – There are two types of tokens – soft and hard security token. They are not connected to a network and generate one time passwords instead making them a great alternative.

With the evolving technology, there has been a paradigm shift in techniques that are opted to protect the confidential information. As predicted by Bill Gates in 2004 at a RSA Security Conference, passwords would soon become extinct as people are now opting for other alternatives which seem to be safer somehow.

Social Networks

Author

Abdul Subhani

I am the President & CEO of
Centex Technologies Microsoft Small Business Specialist, Certified E-Commerce Consultant, Certified Ethical Hacker, Certified Fraud Examiner, Virtual Instructor and an IT Consultant/Speaker on IT Security, Networking, Small Business Architect, & SEO Internet Marketing.

Certifications

Links

Twitter posts

We've been nominated for Small Business of the Year, Best I.T. Company, Young Entrepreneur of the Year, and CEO of the Year. Register and search for myself or Centex Technologies. It will only take you 5 minutes and I would greatly…lnkd.in/eqhaUXplnkd.in/erfAizd